Explore top 10 tips to secure your open-source projects now. Read More
×
This update for qemu fixes several issues.
These security issues were fixed:
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect
return value (bsc#1042159).
- CVE-2017-8379: Memory leak in the keyboard input event handlers support
allowed local guest OS privileged users to cause a denial of service
(host memory consumption) by rapidly generating large keyboard events
(bsc#1037334).
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting
and stopping audio capture (bsc#1037242).
- CVE-2017-7493: The VirtFS, host directory sharing via Plan 9 File
System(9pfs) support, was vulnerable to an improper access control
issue. It could occur while accessing virtfs metadata files in
mapped-file security mode. A guest user could have used this...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-822=1
To bring your system up-to-date, use "zypper patch".
- openSUSE Leap 42.2 (i586 x86_64):
qemu-2.6.2-31.3.3
qemu-arm-2.6.2-31.3.3
qemu-arm-debuginfo-2.6.2-31.3.3
qemu-block-curl-2.6.2-31.3.3
qemu-block-curl-debuginfo-2.6.2-31.3.3
qemu-block-dmg-2.6.2-31.3.3
qemu-block-dmg-debuginfo-2.6.2-31.3.3
qemu-block-iscsi-2.6.2-31.3.3
qemu-block-iscsi-debuginfo-2.6.2-31.3.3
qemu-block-ssh-2.6.2-31.3.3
qemu-block-ssh-debuginfo-2.6.2-31.3.3
qemu-debugsource-2.6.2-31.3.3
qemu-extra-2.6.2-31.3.3
qemu-extra-debuginfo-2.6.2-31.3.3
qemu-guest-agent-2.6.2-31.3.3
qemu-guest-agent-debuginfo-2.6.2-31.3.3
qemu-kvm-2.6.2-31.3.3
qemu-lang-2.6.2-31.3.3
qemu-linux-user-2.6.2-31.3.1
qemu-linux-user-debuginfo-2.6.2-31.3.1
qemu-linux-user-debugsource-2.6.2-31.3.1
qemu-ppc-2.6.2-31.3.3
qemu-ppc-debuginfo-2.6.2-31.3.3
qemu-s390-2.6.2-31.3.3
qemu-s390-debuginfo-2.6.2-31.3.3
qemu-testsuite-2.6.2-31.3.6
qemu-tools-2.6.2-31.3.3
qemu-tools-debuginfo-2.6.2-31.3.3
qemu-x86-2.6.2-31.3.3
qemu-x86-debuginfo-2.6.2-31.3.3
- openSUSE Leap 42.2 (x86_64):
qemu-block-rbd-2.6.2-31.3.3
qemu-block-rbd-debuginfo-2.6.2-31....
Read the Full Advisoryhttps://www.suse.com/security/cve/CVE-2016-10028.html
https://www.suse.com/security/cve/CVE-2016-10029.html
https://www.suse.com/security/cve/CVE-2016-9602.html
https://www.suse.com/security/cve/CVE-2016-9603.html
https://www.suse.com/security/cve/CVE-2017-5579.html
https://www.suse.com/security/cve/CVE-2017-5973.html
https://www.suse.com/security/cve/CVE-2017-5987.html
https://www.suse.com/security/cve/CVE-2017-6505.html
https://www.suse.com/security/cve/CVE-2017-7377.html
https://www.suse.com/security/cve/CVE-2017-7471.html
https://www.suse.com/security/cve/CVE-2017-7493.html
https://www.suse.com/security/cve/CVE-2017-7718.html
https://www.suse.com/security/cve/CVE-2017-7980.html
https://www.suse.com/security/cve/CVE-2017-8086.html
https://www.suse.com/security/cve/CVE-2017-8112.html
https://www.suse.com/security/cve/CVE-2017-8309.html
https://www.suse.com/security/cve/CVE-2017-8379.html
https://www.suse.com/security/cve/CVE-2017-8380.html
https://www.suse.com/security/cve/CVE-2017-9330.html
https://ww...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.